<?php
session_start();
require 'conn.php';

// 获取表单数据
$phone = isset($_POST['phone']) ? trim($_POST['phone']) : '';
$password = isset($_POST['password']) ? trim($_POST['password']) : '';

if (empty($phone) || empty($password)) {
    echo "<script>alert('手机号和密码不能为空！');history.back();</script>";
    exit;
}

// 查询数据库，验证手机号和密码
$sql = "SELECT * FROM users WHERE phone = '$phone' AND password = '$password'";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
    // 登录成功
    $user = $result->fetch_assoc();
    $_SESSION['user_id'] = $user['id'];
    $_SESSION['username'] = $user['username'];
    $_SESSION['name'] = $user['name'];
    echo "<script>alert('登录成功！');window.location.href='index.php';</script>";
} else {
    // 登录失败
    echo "<script>alert('手机号或密码错误！');history.back();</script>";
}

$conn->close();
?>
